The encryption type requested is not supported by the KDC
Currently, we are on the mids AD migration, and when the migrated users tried to change their password, they will get this error:
Please let me know if there any solution for this?
Here the background:
We have multiple source forests that need to consolidate into a single target Windows 2019 forest.
Currently, the target AD forest hardens by removing all the weak chippers (including RC4).
Is that any other way other than enabling RC4 on the target domain or resetting the account's password on the target domain, so the new password's hash will use AES-based encryption instead of RC4?
Thanks and regards,